| 3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2008 DC STIG v6r47 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2008 MS STIG v6r46 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AOSX-10-000605 - The operating system must transmit only cryptographically-protected passwords. | DISA STIG Apple Mac OSX 10.10 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-11-000606 - The OS X system must not use unencrypted FTP. | DISA STIG Apple Mac OSX 10.11 v1r6 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-12-000606 - The OS X system must not use unencrypted FTP. | DISA STIG Apple Mac OSX 10.12 v1r6 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002038 - The macOS system must disable Trivial File Transfer Protocol service. | DISA Apple macOS 14 (Sonoma) STIG v1r2 | Unix | |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords - DB2AUTH | DISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords. - AUTHENTICATION | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords. - AUTHENTICATION | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords. - DB2AUTH | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords. - DB2AUTH | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'root has logged in over a network' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'ssh is running' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN003850 - The telnet daemon must not be running | DISA STIG HP-UX 11.31 v1r19 | Unix | CONFIGURATION MANAGEMENT |
| GEN003850 - The telnet daemon must not be running - 'chkconfig' | DISA STIG for Oracle Linux 5 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN003850 - The telnet daemon must not be running - 'chkconfig' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN003850 - The telnet daemon must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN003850 - The telnet daemon must not be running. | DISA STIG AIX 6.1 v1r13 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false. | DISA RedHat JBoss EAP 6.3 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - allowConnectionsWithoutCertificates | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - allowInvalidCertificates | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - CAFile | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - certificateKeyFile | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - mode | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - CAFile | DISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - certificateKeyFile | DISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS | Unix | |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - mode | DISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS | Unix | |
| OH12-1X-000240 - OHS must have the LoadModule ossl_module directive enabled to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | ACCESS CONTROL |
| OH12-1X-000241 - OHS must use FIPS modules to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | ACCESS CONTROL |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | ACCESS CONTROL |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r11 | Unix | |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r12 | Unix | |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r6 | Unix | |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r9 | Unix | |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r13 | Unix | |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r12 | Unix | |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r6 | Unix | |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r10 | Unix | |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r9 | Unix | |
| SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed. | DISA SLES 15 STIG v1r13 | Unix | |
| SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed. | DISA SLES 15 STIG v1r10 | Unix | |
| SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed. | DISA SLES 15 STIG v1r11 | Unix | |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords. - HTTP-Console Disabled | DISA Symantec ProxySG Benchmark NDM v1r1 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords.- HTTPS-Console Enabled | DISA Symantec ProxySG Benchmark NDM v1r1 | BlueCoat | CONFIGURATION MANAGEMENT |
